<?php
/**
 * 制作:  叶风
 * Qq:    355007778
 * Email: ye.fn@163.com
 *
 */

namespace c\user;
\lang::load('user');

class login extends \control
{    
    function index_home()
	{
		$go = $_GET['ju'];
        if (!$go)
         {
            if (isset($_SERVER['HTTP_REFERER']))  
               $go = $_SERVER['HTTP_REFERER'];

            // 解析  
            if (strpos($go, ROOT_URL)===0)
             {
                $go = str_ireplace(ROOT_URL, '', $go);
                if (!$go or $go=='?u=cuser\login' or $go=='?u=cuser\reg')
                    $go = './';
             }
            else
                $go = './';
         }

        $this->t_var['jumURL'] = $go;
		$this->g();
	}
    /**
     * 跳到登录页,
     * 分析请求方式，ajax
     * 并中断向下执行
     */
    function g()
	{
        if ($_SERVER["HTTP_X_REQUESTED_WITH"]=="XMLHttpRequest")
         {
            $this->loadTemplate('user/login-clue');
            die;
         }
		$this->loadTemplate('user/login');
        $this->display('blank');
	}

    // 认证
    function index_auth()
	{
		$b = $this->auth( $_POST['data'] );
		ajax_json($b===TRUE ? $b : \lang::g($b));
	}
	private function auth($data)
	{
		$_n = $this->db->escape($data['name']);
		if($_n=='')
			return 'NO';
		$where = "(name='$_n' or email='$_n' or phone='$_n')";
		$res = $this->db->getOne('user', '*', $where);
        
        // ban
		if ($res['state']<1)
			return 'not or lock';
        
        // 延迟认证
        if ($res['er_num']>5)
         {
            $_a = \YF_f::initC('\c\temp\db')->findRow('login-err_time-'.$res['id']);
			if ($res['password']==$_a['val'])
			 {
				if (UNIX_TIME-$_a['create_time']<60)
					return 'You operate too fast.';
				if (UNIX_TIME-$_a['create_time']<3600 && $res['er_num']>10)
					return 'You operate too fast.';
			 }
         }
         
        // 认证
		if (\YF_f::initC('\c\user\g')->password_ver($data['password'], $res['password']))
		 {
			$res['l_name'] = $data['name'];
			if( $this->reg($res, intval($data['saveTime']) ) )
			  		return TRUE;
			return 'cookie over';
		 }
         
        // 失败
		$this->db->upField('user', 'er_num', $res['id']);
        \YF_f::initC('\c\temp\db')->save('login-err_time-'.$res['id'], $res['password']);
		return 'auth fail';	 
	}
	function reg($res, $days=NULL)
	{
		ob_clean();	
		
        $v = $res['id'].'|' . substr($res['password'], 2, 10);
        $b = \YF_f::set_cookie('login_u', $v, $days); // 记录ID
        $days && \YF_f::set_cookie('cookieTime', $days, $days); // time
		\YF_f::set_cookie('login_cn', $res['l_name'], 367); // 记录登录名
		
		// 更新
		$ud = array('online_time'=>UNIX_TIME);
		if ($res['er_num'])
			$ud['er_num'] = 0;
		$this->db->save('user', $ud, 'id='.$res['id']);
		\log::write('login', $id);
		return $b;
	}
    
	// 退出
    function index_out()
	{	
		if ($this->out())
			\url::jump(ROOT_URL);	
		$this->clue(\lang::g('Over'));
	}
	function out()
	{
		\YF_f::set_cookie('login_cn', '', -1);
		\YF_f::set_cookie('cookieTime', '', -1);
		return \YF_f::set_cookie('login_u', '', -1);
	}
	
}
